UAF vulnerability in VBScript Engine exploited in wild

A high risk use-after-free (UAF) vulnerability in VBScript Engine is being exploited in the wild. 

The UAF vulnerability (CVE-2018-8373) affects Internet Explorer (IE) to run shellcode and the VBScript engine in the latest versions of Windows. However, the flaw does not impact IE 11 since VBScript in Windows 10 Redstone 3 (RS3) has been effectively disabled by default, according to a Trend Micro report

Trend Micro researchers discovered the vulnerability in the wild just a day (July 11) after last month’s Patch Tuesday and sent the results to Microsoft immediately afterwards. The flaw was since patched in the August Patch Tuesday. 

“We found this exploit using heuristics, which led to a more in-depth analysis. Interestingly, we found that this exploit sample uses the same obfuscation technique as exploits for CVE-2018-8174, a VBScript engine remote code execution vulnerability patched back in May,” Trend Micro said.

Users and system administrators should take extra precaution to make sure all systems have the UAF vulnerability patched. 

Leave a Comment

Your email address will not be published. Required fields are marked *